Furucombo to issue iouCOMBO tokens to repay victims of $15M exploit

Published at: March 9, 2021

Decentralized finance transaction combination tool Furucombo will compensate the victims of a recent “evil contract” exploit that cost the protocol $15 million in stolen funds.

Following an internal call with affected users last week, Furucombo released a compensation plan Tuesday, announcing that they will issue 5 million iouCOMBO tokens to the victims of the breach. Issued in the form of ERC-20 tokens, iouCOMBO tokens will represent the rights to claim Furucombo’s COMBO tokens in the recovery pool.

Out of a total of 100 million COMBO tokens, 5 million coins have been allocated to the recovery pool, and are subject to a 360-day linear-vesting period, starting from March 1. According to an announcement, Furucombo expects to create and distribute the recovery pool in April following the completion of audits.

COMBO token holders are incentivized to share fees collected on Furucombo and participate in governance. At publishing time, COMBO token is trading at $2.85, down about 3.4% over the past 24 hours. On the day of the hack, the token traded at $5.22, according to data from CoinMarketCap.

As previously reported, Furucombo suffered a contract exploit on Feb. 27, with the attacker using a fake contract to trick the protocol into thinking that their contract was a new version of Aave. In an official post-mortem on March 1, Furucombo said that the breach affected 22 users, resulting in a loss worth $15 million in 21 different assets. The stolen assets included major DeFi coins like Bao Finance (BAO), COMBO, Curve DAO (CRV), as well as popular stablecoins like Tether (USDT) and USD Coin (USDC), Furucombo told Cointelegraph.

Furucombo lost a further $1.74 million in working capital during the exploit. “We have decided to keep the remaining funds to sustain the project and office operations and ensure we are able to continue our commitment to the COMBO community,” the team wrote.

Furucombo has reported the issue to law enforcement and has started cooperating with smart contract analytics service Certora to receive a full audit for the incident.

Tags
Related Posts
​​Cream Finance DeFi platform loses $19M in a flash loan hack
Cream Finance, a major decentralized finance (DeFi) protocol focused on lending, has suffered a severe exploit, with a hacker stealing nearly $19 million from its platform. An unknown hacker has managed to gain $18.8 million in the latest flash loan exploit of the Cream Finance protocol through a reentrancy bug introduced by the Amp token, according to an investigation by blockchain security firm PeckShield. Announcing the news Monday, Cream Finance said that the protocol has stopped the exploit by pausing supply and borrow contracts on the Amp token. “No other markets were affected,” Cream Finance stated. C.R.E.A.M. v1 market on …
Decentralization / Aug. 30, 2021
Yearn.Finance puts expanded treasury to use by repaying victims of $11M hack
Major decentralized finance protocol Yearn.Finance (YFI) has restored its yDAI vault in the aftermath of a $11 million exploit by hackers. Yearn announced Tuesday that they opened a Maker vault with YFI tokens from the treasury and minted 9.7 million DAI tokens from the vault to keep the yDAI vault intact. Using borrowed money allows the project to reimburse users without taking a hit to the treasury, either due to possible YFI appreciation or by gradually repaying the debt with protocol revenue. The team said that this is a one-off occurrence, as they expect users to hedge their own risks …
Technology / Feb. 9, 2021
Jump Crypto replenishes funds from $320M Wormhole hack in largest-ever DeFi 'bailout'
On Thursday, Jump Crypto, a crypto venture capital firm that owns Certus One, the developer of the Wormhole token bridge, announced it had deposited 120 thousand Ether (ETH) into a Solana-Ethereum bridge that suffered a devastating exploit. The day prior, hackers fraudulently minted 120 thousand wrapped Ether (wETH) worth $321 million on the Solana (SOL) platform, then redeemed 93,750 wETH for ETH on the Ethereum network while swapping the rest for other altcoins on the Solana network. The cross-chain ETH-wETH is supposed to have an exchange ratio of 1:1 against one another. Therefore, unauthorized minting of wETH leads to significant …
Technology / Feb. 3, 2022
What are the worst crypto mistakes to avoid in 2022? | Find out now on The Market Report
“The Market Report” with Cointelegraph is live right now. On this week’s show, Cointelegraph’s resident experts discuss the worst mistakes you should avoid making in crypto. But first, market expert Marcel Pechman carefully examines the Bitcoin (BTC) and Ether (ETH) markets. Are the current market conditions bullish or bearish? What is the outlook for the next few months? Pechman is here to break it down. Next up: the main event. Join Cointelegraph analysts Benton Yaun, Jordan Finneseth and Sam Bourgi as they talk about the worst crypto mistakes to avoid making in 2022. First up we have Bourgi, who thinks …
Decentralization / April 12, 2022
Terra 2.0: A crypto project built on the ruins of $40 billion in investors' money
Terra remained the focus of the majority of headlines throughout May for its spiral collapse leading to a loss of over $40 billion in investors’ money. Despite some early resistance from the community and heavy backlash from the likes of Binance CEO Changpeng “CZ” Zhao, Terra co-founder Do Kwon managed to relaunch the collapsed network with a new chain called Terra 2.0 (Phoenix-1). The amended proposal for the relaunch of the network by increasing the genesis liquidity, which introduces a new liquidity profile for pre-attack Luna Classic (LUNC) holders and decreases the distribution to post-attack TerraUSD Classic (USTC) holders, was …
Decentralization / June 3, 2022